2570 matches found
EUVD-2026-29387
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681
CVE-2026-1681 concerns Zephyr RTOS network stack behavior when issuing an ICMP ping via the net ping command to the device’s own IPv4 address. The description states that the destination is treated as local, causing the echo request and echo reply to be processed inline within the same frame, whi...
CVE-2026-1681
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-1681 net: Stack Overflow with Ping (to own IP Address) via Shell
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
Zephyr 安全漏洞
Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which occurs when sending ICMP ping messages to the device’s own IPv4 address using the net ping shell command. This causes the network stack to recursively re-ente...
PT-2026-39942
Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...
CVE-2026-31195
The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...
RHCOS 3 : OpenShift Container Platform 3.9 (RHSA-2019:2769)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2769 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...
EUVD-2026-27335
The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...
CVE-2026-31195
The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...
CVE-2026-31195
The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...
Altice Labs GR140DG和Altice Labs GR140IG 安全漏洞
Altice Labs GR140DG and Altice Labs GR140IG are fiber-optic access gateway devices from the Portuguese company Altice Labs. Both devices have security vulnerabilities. The vulnerability stems from the ping diagnostic handler in /bin/httpdclientside, which inserts uncleaned user inputs into the...
CVE-2026-31195
The ping diagnostic handler in /bin/httpdclientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system call, allowing authenticated remote attackers to execute arbitrary commands as root via crafted destAddr parameters using she...
PT-2026-37057
Name of the Vulnerable Software and Affected Versions ALTICE LABS / SFR France GR140DG affected versions not specified ALTICE LABS / SFR France GR140IG affected versions not specified Description The ping diagnostic handler in the '/bin/httpd clientside' endpoint allows authenticated remote...
CVE-2026-31195
The CVE-2026-31195 issue affects ALTICE LABS / SFR France GR140DG/GR140IG fibre CPE/Router/Gateway. The ping diagnostic handler at /bin/httpd_clientside inserts unsanitized user input into a system() call, enabling authenticated remote attackers to execute arbitrary commands as root via crafted d...
WordPress Publish 2 Ping.fm plugin <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Publish 2 Ping.fm versions = 1.1...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...
CVE-2026-7692
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...
EUVD-2026-26831
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...